package ro.gii.auctionHouse.security;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;

/**
 * CustomAuthenticationFailureHandler that adds the localized security message
 * key on the session, so we can show it in the login page.
 * 
 * 
 */
public class CustomAuthenticationFailureHandler extends
		SimpleUrlAuthenticationFailureHandler {

	@Override
	public void onAuthenticationFailure(HttpServletRequest httpServletRequest,
			HttpServletResponse httpServletResponse, AuthenticationException e)
			throws IOException, ServletException {

		// add the exception message on the faces context
		httpServletRequest.getSession().setAttribute("securityErrorMessage",
				"loginSecurityError");

		// call super for redirect/forward logic
		super.onAuthenticationFailure(httpServletRequest, httpServletResponse,
				e);
	}
}
